package com.mostromas.ess.oauth2.authentication;

import com.mostromas.ess.entities.SysUser;
import com.mostromas.ess.entities.UserProject;
import com.mostromas.ess.feign.IFeignProjectController;
import com.mostromas.ess.feign.IFeignSystemController;
import com.mostromas.ess.oauth2.CustomAuthenticationFailureHandler;
import com.mostromas.ess.util.enums.SysUserType;
import com.mostromas.ess.util.tools.DateUtil;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.AuthenticationException;
import org.springframework.stereotype.Component;
import org.springframework.web.filter.OncePerRequestFilter;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.Date;

/**
 * 校验用户名和机器码是否匹配
 */
@Component
public class HardwareCodingValidateFilter extends OncePerRequestFilter {
    @Autowired
    CustomAuthenticationFailureHandler customAuthenticationFailureHandler;
    @Autowired // 检查启动类注解 @EnableFeignClients
    private IFeignSystemController feignSystemController;
    @Autowired
    private IFeignProjectController feignProjectController;
    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
        if("/auth/login".equals(request.getRequestURI()) && "post".equalsIgnoreCase(request.getMethod())){
            try{
                //校验验证码合法性
                validate(request);
            }catch (AuthenticationException e){
                //交给失败处理器处理异常
                customAuthenticationFailureHandler.onAuthenticationFailure(request,response,e);
                return;
            }
        }

        filterChain.doFilter(request,response);
    }

    private void validate(HttpServletRequest request){
        String username = request.getParameter("username");
        //获取用户输入的机器码
        String hardwareCoding = request.getParameter("hardwareCoding");
        //获取用户提交的软件ID
        String projectId = request.getParameter("projectId");
        SysUser sysUser = feignSystemController.findUserByUsername(username);
        if(sysUser == null){
            throw new BadCredentialsException("该用户不存在");
        }
        if(sysUser.getUserType() == SysUserType.PROJECT){
            System.out.println("aaaaaaaaaaaaaaaaaaa"+username+"\t"+projectId+"\t"+hardwareCoding);
            UserProject project = feignProjectController.getUserProject(username,projectId,hardwareCoding);
            System.out.println("bbbbbbbbbbbbbbbbbbbb\t"+project);
            if(project == null){
                throw new BadCredentialsException("没有权限登陆(是否已购买或在绑定机器上登陆)");
            }
            if(!DateUtil.ompareDate(new Date(),project.getEffectiveTime())){
                throw new BadCredentialsException("软件已过有效期");
            }
        }
    }
}
